14 DAY TRIAL // According to a security report released by Microsoft, some 97 percent of all e-mails sent throughout the world are unwanted, as in spam. The paper also reveals that, most often, the advertisements refer to all sorts of drugs and health schemes, to ways to make easy money and to personal messages sent by unknown persons. What's concerning is that the vast majority off these mails have malicious software or code lines attached to them, so when people open them, they are exposed to having their computer penetrated and maybe even be made part of a bot network.
“The good news is that the majority of that never hits your inbox although some will get through,” the BBC News learned from the Head of Security and Privacy at Microsoft UK, Cliff Evans. “With higher capacity broadband and better OS (operating systems), and higher power computers, it is easier now to send out billions of spams. Three or four years ago the capacity wasn't there,” Microsoft's Chief Cyber Security Advisor, Ed Gibson, added.
He also explained that organized Internet crime was no longer focusing its efforts on software vulnerabilities, but on exploiting and “targeting the weak link that is you and me.”
According to an analysis from Message Labs, an e-mail security firm, spam rates dropped at the end of 2008, mostly due to the fact that a hacked ISP had been taken offline. “Our own analysis shows that around 81% of e-mail traffic we were processing was identified as spam and unwanted. As a result of [the ISP going offline], a number of developers in botnet technology at the end of last year were trying to regain botnet control and increase capacity and return to previous spam levels. It wont be far off before we see return to those levels,” Message Labs Senior Analyst Paul Woods stressed.
One of the preferred targets for attackers is the common file format, such as that belonging to the Microsoft Office suite and to Adobe's PDF files. Hackers are using this type of files to penetrate the computers of their targets, even though the vulnerabilities that they exploit have been patched for as long as two years, in the software updates released by the respective manufacturers.
“If you don't update your software, you are not just a hazard to yourself, you are hazard to others because you can be part of a botnet,” Gibson emphasized. “For consumers it is happening, but for business less so. We have encouraged businesses to make more use of automatic updates,” Evans concluded and expressed his satisfaction with the fact that more and more end-users were beginning to update their software via the automatic update tool available to them on purchase.